Gap laptop theft puts applicant details at risk
By Miya Knights,
Gap has informed some 800,000 people who applied for jobs through the US clothing retailer's recruitment website that their personal data may be at risk following a laptop theft.
In a statement issued late last Friday, the company said it learned on 19 September that a laptop containing the personal information of certain job applicants was recently stolen from the offices of an unnamed third party vendor that manages Gap job applicant data.
It also said the company has begun notifying by letter affected applicants who applied for a role between July 2006 and June 2007 and whose social security numbers were included on the stolen laptop of the risk to their personal information.
It is offering those affected a year of free credit monitoring services with fraud resolution assistance, along with a dedicated website and 24-hour helpline.
Although the data on the laptop was not encrypted contrary to the company's agreement with the vendor, Gap said it had no reason to believe the data contained on the computer was the target of the theft or that the personal information has been accessed or used improperly.
Gap chairman and chief executive, Glenn Murphy said in the statement: "What happened here is against everything we stand for as a company. We're reviewing the facts and circumstances that led to this incident closely, and will take appropriate steps to help prevent something like this from happening again."
The retailer also said it uses more than one vendor to manage job applicant data, so not all people who applied to work for the company between the relevant dates have been affected.
Talent management vendor Taleo is responsible for the US Gap recruitment website and said in a statement: "The data loss involved a Gap vendor that processes job applicant data. Taleo was not the vendor involved in this data loss."
Local law enforcement has been involved and an investigation of the theft is underway, although the vendor involved in the breach has not been publicly named.
The stolen laptop contained personal information for people who applied for store positions with the company's Old Navy, Banana Republic, Gap and Outlet stores from the US, Puerto Rico and Canada.
Gap operates a similar recruitment website for applicants seeking UK and Ireland positions, but it appears as though the data processed by this site was not affected.
Gap had not responded to requests for comment at time of writing.
You may also like...
Sponsored Links
advertisement
You may also like...
Latest Security Analysis & Insight
What is your password worth?
Would you be tempted to sell off company passwords for a fee? If not, seems like you're in the minority, acccording to research.
- Macs under attack?
- Intel: security inside
- Are you spending too much on IT security?
- Does the government want to snoop on your data?
- Eurocrats versus the cyber criminals
- The truth about spam
- Google and privacy: What’s the problem?
- Q&A: Symantec’s CISO on the source code hack
- RSA: Back from the breach?
Latest Security Reviews
Check Point 2210 Appliance review
Rating: 
advertisement
Most popular
- Apple iPad 3 vs iPad 2 head-to-head review
- Hutchison denies it will pull plug on Three UK
- EMC World 2012: Tucci declares Documentum is here to stay
- ICO: Fines for cookie law breakers
- EMC World 2012: EMC talks up cloud, security and big data
- Dell PowerEdge R820 review
- Sony Vaio T13 Ultrabook review: First look
- BlackBerry 7 OS certified to carry 'Restricted' UK government information
- Facebook floatation marred by Nasdaq glitch
- CIO: Career is over?
Latest News Videos in Security
IT PRO Podcast: Are UK data protection laws flawed?
PlayWe bring in two experts to talk about the problems with UK data protection law and the way it is managed.
Register for IT PRO
You'll get exclusive member benefits including free whitepapers, downloads, Webinars and weekly newsletters full of the latest IT PRO news, reviews, insight and expertise.
